Detections
Analytics

Debian dla-3345 : libapache2-mod-php7.3 - security update

high Nessus Plugin ID 171925

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3345 advisory.

 ------------------------------------------------------------------------- Debian LTS Advisory DLA-3345-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 26, 2023 https://wiki.debian.org/LTS
 -------------------------------------------------------------------------

 Package : php7.3 Version : 7.3.31-1~deb10u3 CVE ID : CVE-2022-31631 CVE-2023-0567 CVE-2023-0568 CVE-2023-0662 Debian Bug : 1031368

 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.

 CVE-2022-31631

 Due to an uncaught integer overflow, `PDO::quote()` of PDO_SQLite may return an improperly quoted string. The exact details likely depend on the implementation of `sqlite3_snprintf()`, but with some versions it is possible to force the function to return a single apostrophe, if the function is called on user supplied input without any length restrictions in place.

 CVE-2023-0567

 Tim Dsterhus discovered that malformed BCrypt hashes that include a `$` within their salt part trigger a buffer overread and may erroneously validate any password as valid. (`Password_verify()` always return `true` with such inputs.)

 CVE-2023-0568

 1-byte array overrun when appending slash to paths during path resolution.

 CVE-2023-0662

 Jakob Ackermann discovered a Denial of Service vulnerability when parsing multipart request body: the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging.

 For Debian 10 buster, these problems have been fixed in version 7.3.31-1~deb10u3.

 We recommend that you upgrade your php7.3 packages.

 For the detailed security status of php7.3 please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/php7.3

 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Attachment:
 signature.asc Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libapache2-mod-php7.3 packages.

See Also

https://security-tracker.debian.org/tracker/source-package/php7.3

https://security-tracker.debian.org/tracker/CVE-2022-31631

https://security-tracker.debian.org/tracker/CVE-2023-0567

https://security-tracker.debian.org/tracker/CVE-2023-0568

https://security-tracker.debian.org/tracker/CVE-2023-0662

https://packages.debian.org/source/buster/php7.3

Plugin Details

Severity: High

ID: 171925

File Name: debian_DLA-3345.nasl

Version: 1.5

Type: local

Agent: unix

Published: 2/26/2023

Updated: 1/22/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-0568

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:php7.3-pgsql, p-cpe:/a:debian:debian_linux:php7.3-cli, p-cpe:/a:debian:debian_linux:php7.3-dba, p-cpe:/a:debian:debian_linux:php7.3-interbase, p-cpe:/a:debian:debian_linux:php7.3-gmp, p-cpe:/a:debian:debian_linux:php7.3, p-cpe:/a:debian:debian_linux:php7.3-tidy, p-cpe:/a:debian:debian_linux:php7.3-sybase, p-cpe:/a:debian:debian_linux:php7.3-mysql, p-cpe:/a:debian:debian_linux:php7.3-enchant, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:php7.3-ldap, p-cpe:/a:debian:debian_linux:php7.3-recode, p-cpe:/a:debian:debian_linux:php7.3-pspell, p-cpe:/a:debian:debian_linux:php7.3-snmp, p-cpe:/a:debian:debian_linux:php7.3-curl, p-cpe:/a:debian:debian_linux:php7.3-sqlite3, p-cpe:/a:debian:debian_linux:php7.3-dev, p-cpe:/a:debian:debian_linux:php7.3-zip, p-cpe:/a:debian:debian_linux:php7.3-gd, p-cpe:/a:debian:debian_linux:php7.3-mbstring, p-cpe:/a:debian:debian_linux:php7.3-imap, p-cpe:/a:debian:debian_linux:php7.3-readline, p-cpe:/a:debian:debian_linux:php7.3-cgi, p-cpe:/a:debian:debian_linux:php7.3-json, p-cpe:/a:debian:debian_linux:php7.3-bcmath, p-cpe:/a:debian:debian_linux:php7.3-xml, p-cpe:/a:debian:debian_linux:php7.3-soap, p-cpe:/a:debian:debian_linux:php7.3-bz2, p-cpe:/a:debian:debian_linux:php7.3-common, p-cpe:/a:debian:debian_linux:php7.3-xmlrpc, p-cpe:/a:debian:debian_linux:php7.3-phpdbg, p-cpe:/a:debian:debian_linux:libapache2-mod-php7.3, p-cpe:/a:debian:debian_linux:php7.3-intl, p-cpe:/a:debian:debian_linux:php7.3-fpm, p-cpe:/a:debian:debian_linux:php7.3-odbc, p-cpe:/a:debian:debian_linux:libphp7.3-embed, p-cpe:/a:debian:debian_linux:php7.3-opcache, p-cpe:/a:debian:debian_linux:php7.3-xsl

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/26/2023

Vulnerability Publication Date: 1/4/2023

Reference Information

CVE: CVE-2022-31631, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662

IAVA: 2023-A-0105-S